package com.hedl.classroom.controller;

import com.hedl.classroom.mapper.XcUserMapper;
import com.hedl.classroom.model.dto.FindPswDto;
import com.hedl.classroom.model.dto.RegisterDto;
import com.hedl.classroom.model.po.XcUser;
import com.hedl.classroom.service.VerifyService;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;

/**
 * @author Big Watermelon
 * @description 测试controller
 * @date 2023/12/01/23:20
 */
@Slf4j
@RestController
public class LoginController {

    @Resource
    private XcUserMapper xcUserMapper;

    @Resource
    private VerifyService verifyService;

    @RequestMapping("/login-success")
    public String loginSuccess(){
        return "登录成功";
    }

    @RequestMapping("/user/{id}")
    public XcUser getUser(@PathVariable("id") String id){
        XcUser xcUser = xcUserMapper.selectById(id);
        return xcUser;
    }

    @RequestMapping("/r/r1")
    @PreAuthorize("hasAuthority('p1')")     //拥有p1权限方可访问
    public String r1(){
        return "访问r1资源";
    }

    @RequestMapping("/r/r2")
    @PreAuthorize("hasAuthority('p2')")     //拥有p2权限方可访问
    public String r2(){
        return "访问r2资源";
    }


    //如下找回密码和注册访问存在问题？一直报403 Forbidden错误
    //问题解决是因为这里我们的Security开启了CSRF保护，关闭就可以了
    @ApiOperation(value = "找回密码", tags = "找回密码")
    @PostMapping("/findpassword")
    public void findPassword(@RequestBody FindPswDto findPswDto) {
        verifyService.findPassword(findPswDto);
    }

    @ApiOperation(value = "注册", tags = "注册")
    @PostMapping("/register")
    public void register(@RequestBody RegisterDto registerDto) {
        verifyService.register(registerDto);
    }
}
